StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POWhy does BCrypt.net GenerateSalt(31) return straight away?
primarykey
Id
2222383
data
AcceptedAnswerId
2222492
AnswerCount
2
ClosedDate
CommentCount
0
CommunityOwnedDate
CreationDate
2010-02-08T14:55:32.207
FavoriteCount
7
LastActivityDate
2011-04-12T19:00:51.437
LastEditDate
2017-05-23T12:17:43.453
LastEditorUserId
-1
OwnerUserId
160173
ParentId
0
PostTypeId
1
Score
22
ViewCount
5686
LastEditorDisplayName
text
Body
I stumbled across BCrypt.net after reading <a href="http://www.codinghorror.com/blog/archives/000953.html" rel="nofollow noreferrer">Jeff Atwood's post about storing passwords</a> which led me to Thomas Ptacek's recommendation to <a href="http://chargen.matasano.com/chargen/2007/9/7/enough-with-the-rainbow-tables-what-you-need-to-know-about-s.html" rel="nofollow noreferrer">use BCrypt</a> to store passwords. Which finally led me to <a href="http://derekslager.com/blog/posts/2007/10/bcrypt-dotnet-strong-password-hashing-for-dotnet-and-mono.ashx" rel="nofollow noreferrer">this C# implementation of BCrypt</a> In the comments on the last link above someone asked "Why do GenerateSalt(30) take for ever, but GenerateSalt(31) seems to take no time at all?" I ran BCrypt.HashPassword(password, BCrypt.GenerateSalt(31)) and got my result in 0 milliseconds. I've been running BCrypt.HashPassword("password", BCrypt.GenerateSalt(30)) for over 5 minutes now and still do not have a result. I realize we'll probably not need a randomly generated 30 character salt to create our password hashes (or <a href="https://stackoverflow.com/questions/1561174/sha512-vs-blowfish-and-bcrypt#answer-1561245">irreversible encryption in BCrypt's case</a>) for years. EDIT I should have read the code a bit, logRounds doesn't have anything to do with the salt length. Thanks Aaronaught. So, why does GenerateSalt(31) return a value almost instantly (when it should take about twice as long as GenerateSalt(30)? UPDATE here is the fix: <pre><code>private byte[] CryptRaw(byte[] password, byte[] salt, int logRounds) { // ... snip ... uint rounds = 1U << logRounds; // ... snip } </code></pre>
Tags
<c#><salt><bcrypt><bcrypt.net>
Title
Why does BCrypt.net GenerateSalt(31) return straight away?
singulars
PostAcceptedAnswerId
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
PostParentId
1. This table or related slice is empty.
PostTypePostTypeId
1. PTQuestion
UserLastEditorUserId
1. USCommunity
UserOwnerUserId
1. USDavid Murdoch
plurals
PostLinksPostIdRelatedPostId
1. PL
 singulars
 LinkTypeLinkTypeId
 LTLinked
2. PL
 singulars
 LinkTypeLinkTypeId
 LTLinked
PostLinksRelatedPostIdPostId
1. PL
 singulars
 LinkTypeLinkTypeId
 LTLinked
2. PL
 singulars
 LinkTypeLinkTypeId
 LTLinked
3. PL
 singulars
 LinkTypeLinkTypeId
 LTLinked
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
2. PO
 singulars
 PostTypePostTypeId
 PTAnswer
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 POWhy does BCrypt.net GenerateSalt(31) return straight away?
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
2. VO
 singulars
 PostPostId
 POWhy does BCrypt.net GenerateSalt(31) return straight away?
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
3. VO
 singulars
 PostPostId
 POWhy does BCrypt.net GenerateSalt(31) return straight away?
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
CommentsPostId
1. This table or related slice is empty.

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.